Bug 29872

Summary: objdump SEGV in display_debug_lines_decoded dwarf.c:5413
Product: binutils Reporter: 曾思維 <13579and24680>
Component: binutilsAssignee: Alan Modra <amodra>
Status: RESOLVED FIXED    
Severity: normal    
Priority: P2    
Version: 2.39   
Target Milestone: 2.40   
Host: Target:
Build: Last reconfirmed: 2022-12-12 00:00:00
Attachments: Generated by my fuzzer and afl-tmin
poc to crash in display_debug_lines_decoded dwarf.c:5413

Description 曾思維 2022-12-12 02:20:42 UTC 
Created attachment 14492 [details]
Generated by my fuzzer and afl-tmin

This is another bug not fixed by previous bug.

Reference : 

https://sourceware.org/bugzilla/show_bug.cgi?id=29870

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2f58a399cf3f946983398cdfe52d0eaa72bf877

---------------------------------------------------------------------
# version

$ ./binutils-gdb/binutils/objdump --version
GNU objdump (GNU Binutils) 2.39.50.20221210
Copyright (C) 2022 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) any later version.
This program has absolutely no warranty.

---------------------------------------------------------------------
# make

$ git clone git://sourceware.org/git/binutils-gdb.git
$ cd binutils-gdb
$ ./configure
$ make

---------------------------------------------------------------------
# crash

$ ./binutils-gdb/binutils/objdump -WL poc
./binutils-gdb/binutils/objdump: warning: poc has a section extending past end of file

poc:     file format elf64-little

Contents of the .debug_line section:

./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30
(null):
File name                            Line number    Starting address    View    Stmt
fish: Job 1, './binutils-gdb/binutils/objdump…' terminated by signal SIGSEGV (Address boundary error)

---------------------------------------------------------------------
# ASAN report

$ ./binutils-gdb_asan_no_fuzz/binutils/objdump -WL poc
./binutils-gdb_asan_no_fuzz/binutils/objdump: warning: poc has a section extending past end of file

poc:     file format elf64-little

Contents of the .debug_line section:

./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30
(null):
File name                            Line number    Starting address    View    Stmt
AddressSanitizer:DEADLYSIGNAL
=================================================================
==807239==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f6c4871a6e5 bp 0x7ffca38a0580 sp 0x7ffca389fcf8 T0)
==807239==The signal is caused by a READ memory access.
==807239==Hint: address points to the zero page.
    #0 0x7f6c4871a6e4  (/lib/x86_64-linux-gnu/libc.so.6+0x1886e4)
    #1 0x7f6c487f190b in __interceptor_strlen ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:352
    #2 0x55d8a2ccd94d in display_debug_lines_decoded dwarf.c:5524
    #3 0x55d8a2cce061 in display_debug_lines dwarf.c:5655
    #4 0x55d8a2ca38c4 in dump_dwarf_section objdump.c:4396
    #5 0x55d8a2df215d in bfd_map_over_sections /home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/bfd/section.c:1366
    #6 0x55d8a2ca3af3 in dump_dwarf objdump.c:4434
    #7 0x55d8a2caa110 in dump_bfd objdump.c:5636
    #8 0x55d8a2caa4e5 in display_object_bfd objdump.c:5715
    #9 0x55d8a2caa816 in display_any_bfd objdump.c:5801
    #10 0x55d8a2caa890 in display_file objdump.c:5822
    #11 0x55d8a2cac1b9 in main objdump.c:6230
    #12 0x7f6c485b6082 in __libc_start_main ../csu/libc-start.c:308
    #13 0x55d8a2c9039d in _start (/home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/binutils/objdump+0x13b39d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x1886e4) 
==807239==ABORTING

---------------------------------------------------------------------
# ASAN report after apply previous patch

$ ./binutils-gdb_patch/binutils/objdump -WL poc

(... output too long ignore)

AddressSanitizer:DEADLYSIGNAL
=================================================================
==892104==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fae5f20f616 bp 0x7ffd81cb2ae0 sp 0x7ffd81cb2208 T0)
==892104==The signal is caused by a READ memory access.
==892104==Hint: address points to the zero page.
    #0 0x7fae5f20f615 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164
    #1 0x7fae5f186174 in printf_common ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:544
    #2 0x7fae5f186dec in __interceptor_vprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1600
    #3 0x7fae5f186ee6 in __interceptor_printf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1658
    #4 0x5643efc7cdff in display_debug_lines_decoded dwarf.c:5413
    #5 0x5643efc7e074 in display_debug_lines dwarf.c:5655
    #6 0x5643efc538c4 in dump_dwarf_section objdump.c:4396
    #7 0x5643efda2170 in bfd_map_over_sections /home/a13579/fuzz_binutils-gdb/binutils-gdb_patch/bfd/section.c:1366
    #8 0x5643efc53af3 in dump_dwarf objdump.c:4434
    #9 0x5643efc5a110 in dump_bfd objdump.c:5636
    #10 0x5643efc5a4e5 in display_object_bfd objdump.c:5715
    #11 0x5643efc5a816 in display_any_bfd objdump.c:5801
    #12 0x5643efc5a890 in display_file objdump.c:5822
    #13 0x5643efc5c1b9 in main objdump.c:6230
    #14 0x7fae5ef15082 in __libc_start_main ../csu/libc-start.c:308
    #15 0x5643efc4039d in _start (/home/a13579/fuzz_binutils-gdb/binutils-gdb_patch/binutils/objdump+0x13b39d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164 in __sanitizer::internal_strlen(char const*)
==892104==ABORTING
Comment 1 曾思維 2022-12-12 02:44:59 UTC 
Created attachment 14493 [details]
poc to crash in display_debug_lines_decoded dwarf.c:5413

generated with my fuzzer and AFL_TMIN_EXACT=1 afl-tmin

------------------------------------------------------
# Asan report 

$ ./binutils-gdb_asan_no_fuzz/binutils/objdump -WL poc

poc:     file format elf64-x86-64

Contents of the .debug_line section:

0000000000000000000000000000000:
File name                            Line number    Starting address    View    Stmt

./0000000000000000000000000000000:[++]
0000000000000000000000000000000              104  0x3030303030303090               x
0000000000000000000000000000000              158  0x3030303030303090       1       x
0000000000000000000000000000000                -  0x3030303030303990


./0000000000000000000000000000000:[++]
0000000000000000000000000000000              104  0x3030303030303090               x
0000000000000000000000000000000              159  0x30303030303030f0               x
0000000000000000000000000000000              200  0x3030303030303150               x
0000000000000000000000000000000              255  0x30303030303031b0               x
0000000000000000000000000000000              358  0x3030303030303210               x
0000000000000000000000000000000              413  0x3030303030303270               x
0000000000000000000000000000000              468  0x30303030303032d0               x
0000000000000000000000000000000              523  0x3030303030303330               x
0000000000000000000000000000000              578  0x3030303030303390               x
0000000000000000000000000000000              633  0x30303030303033f0               x
0000000000000000000000000000000              688  0x3030303030303450               x
0000000000000000000000000000000              743  0x30303030303034b0               x
0000000000000000000000000000000              798  0x3030303030303e10               x
0000000000000000000000000000000              853  0x3030303030303e70               x
0000000000000000000000000000000              888  0x3030303030303ed0        
0000000000000000000000000000000              943  0x3030303030303f30        
0000000000000000000000000000000             1046  0x3030303030303f90        
0000000000000000000000000000000             1101  0x3030303030303ff0        
0000000000000000000000000000000             1156  0x3030303030304050        
0000000000000000000000000000000             1211  0x30303030303040b0        
0000000000000000000000000000000             1266  0x3030303030304110        
0000000000000000000000000000000             1369  0x3030303030304170        
0000000000000000000000000000000             1424  0x30303030303041d0        
0000000000000000000000000000000             1479  0x3030303030304230        
0000000000000000000000000000000             1534  0x3030303030304290        
0000000000000000000000000000000             1581  0x30303030303042f0        
0000000000000000000000000000000             1636  0x3030303030304350        
0000000000000000000000000000000             1691  0x30303030303043b0        
0000000000000000000000000000000             1746  0x3030303030304410        
0000000000000000000000000000000             1801  0x3030303030304470        
0000000000000000000000000000000             1856  0x30303030303044d0        
0000000000000000000000000000000             1911  0x3030303030304530        
0000000000000000000000000000000             1966  0x3030303030304590        
0000000000000000000000000000000             1996  0x30303030303045f0        
0000000000000000000000000000000             2051  0x3030303030304650        
0000000000000000000000000000000             2154  0x30303030303046b0        
0000000000000000000000000000000             2209  0x3030303030304710        
0000000000000000000000000000000             2264  0x3030303030304770        
0000000000000000000000000000000             2319  0x30303030303047d0        
0000000000000000000000000000000             2374  0x3030303030304830        
0000000000000000000000000000000             2429  0x3030303030304890        
0000000000000000000000000000000             2484  0x30303030303048f0        
0000000000000000000000000000000             2532  0x3030303030304950        
0000000000000000000000000000000             2635  0x30303030303049b0        
0000000000000000000000000000000             2656  0x3030303030304a10               x
0000000000000000000000000000000             2711  0x3030303030304a70               x
0000000000000000000000000000000             2814  0x3030303030304ad0               x
0000000000000000000000000000000             2869  0x3030303030304b30               x
0000000000000000000000000000000             2924  0x3030303030304b90               x
0000000000000000000000000000000             2979  0x3030303030304bf0               x
0000000000000000000000000000000             3034  0x3030303030304c50               x
0000000000000000000000000000000             3054  0x3030303030304cb0               x
0000000000000000000000000000000             3109  0x3030303030304d10               x
0000000000000000000000000000000             3212  0x3030303030304d70               x
0000000000000000000000000000000             3253  0x3030303030304dd0               x
0000000000000000000000000000000             3237  0x30303030303056d0               x
0000000000000000000000000000000             3292  0x3030303030305730               x
0000000000000000000000000000000             3336  0x3030303030305790               x
0000000000000000000000000000000             3391  0x30303030303057f0               x
0000000000000000000000000000000             3494  0x3030303030305850               x
0000000000000000000000000000000             3483  0x3030303030306150               x
0000000000000000000000000000000                -  0x3030303030306a50


000000000000000000000000:
File name                            Line number    Starting address    View    Stmt

./000000000000000000000000:[++]
000000000000000000000000                    6190  0x3030303030303030               x
000000000000000000000000                    6245  0x3030303030303090               x
000000000000000000000000                    6300  0x30303030303030f0               x
000000000000000000000000                    6355  0x3030303030303150               x
000000000000000000000000                    6410  0x30303030303031b0        
000000000000000000000000                    6465  0x3030303030303210        
000000000000000000000000                    6520  0x3030303030303270        
000000000000000000000000                    6575  0x30303030303032d0        
000000000000000000000000                    6630  0x3030303030303330        
000000000000000000000000                    6685  0x3030303030303390        
000000000000000000000000                    6740  0x30303030303033f0        
000000000000000000000000                    6795  0x3030303030303450        
000000000000000000000000                    6850  0x30303030303034b0        
000000000000000000000000                    6905  0x3030303030303510        
000000000000000000000000                    6960  0x3030303030303570        
000000000000000000000000                    7063  0x30303030303035d0        
000000000000000000000000                   13374  0x3030303030303630        
000000000000000000000000                   13429  0x30303030303039c0        
000000000000000000000000                   13484  0x3030303030303a20        
000000000000000000000000                   13539  0x3030303030303a80               x
000000000000000000000000                   13594  0x3030303030303ae0        
000000000000000000000000                   13649  0x3030303030303b40               x
000000000000000000000000                   13704  0x3030303030303ba0        
000000000000000000000000                   13759  0x3030303030303f30        
000000000000000000000000                   13814  0x3030303030303f90        
000000000000000000000000                   13869  0x3030303030303ff0               x
000000000000000000000000                   13223  0x3030303030304050               x
000000000000000000000000                   19485  0x30303030303040b0        
000000000000000000000000                   19540  0x3030303030304440        
000000000000000000000000                   19595  0x30303030303044a0        
000000000000000000000000                   19650  0x3030303030304500               x
000000000000000000000000                   25907  0x3030303030304e00        
000000000000000000000000                   24754  0x3030303030304e60               x
000000000000000000000000                   31014  0x3030303030304ec0        
000000000000000000000000                   29856  0x3030303030304f20               x
000000000000000000000000                   36139  0x3030303030304f80        
000000000000000000000000                   36194  0x3030303030304fe0        
000000000000000000000000                   36249  0x3030303030305040               x
000000000000000000000000                   36304  0x30303030303050a0        
000000000000000000000000                   36359  0x3030303030305100        
000000000000000000000000                   36414  0x3030303030305160               x
000000000000000000000000                   36469  0x30303030303051c0        
000000000000000000000000                   35281  0x3030303030305220               x
000000000000000000000000                   35336  0x3030303030305280               x
000000000000000000000000                   41603  0x30303030303052e0        
000000000000000000000000                   41658  0x3030303030305340        
000000000000000000000000                   41713  0x30303030303053a0               x
000000000000000000000000                   41768  0x3030303030305400               x
000000000000000000000000                   41823  0x3030303030305460        
000000000000000000000000                   41878  0x30303030303054c0               x
000000000000000000000000                   41933  0x3030303030305520        
000000000000000000000000                   41988  0x30303030303058b0        
000000000000000000000000                   42043  0x3030303030305910        
000000000000000000000000                   40869  0x3030303030305970               x
000000000000000000000000                   47178  0x30303030303059d0        
000000000000000000000000                   47225  0x3030303030305a30        
000000000000000000000000                   47280  0x3030303030305a90               x
000000000000000000000000                   47335  0x3030303030305af0        
000000000000000000000000                   47390  0x3030303030305e80        
000000000000000000000000                   47447  0x30303030303061b0        
000000000000000000000000                   47502  0x3030303030306210               x
000000000000000000000000                   47557  0x3030303030306270        
000000000000000000000000                   47612  0x30303030303062d0        
000000000000000000000000                   47667  0x3030303030306330        
000000000000000000000000                   47722  0x3030303030306390        
000000000000000000000000                   47777  0x30303030303063f0               x
000000000000000000000000                   47832  0x3030303030306450               x
000000000000000000000000                   47887  0x30303030303064b0               x
000000000000000000000000                   47942  0x3030303030306510               x
000000000000000000000000                   47997  0x3030303030306570        
000000000000000000000000                   48100  0x30303030303065d0        
000000000000000000000000                   47823  0x3030303030306630        
000000000000000000000000                   47878  0x3030303030306690               x
000000000000000000000000                   47933  0x30303030303066f0        
000000000000000000000000                   47988  0x3030303030306750        
000000000000000000000000                   48043  0x30303030303067b0        
000000000000000000000000                   48098  0x3030303030306810               x
000000000000000000000000                   48153  0x3030303030306870        
000000000000000000000000                   48209  0x3030303030306ba0        
000000000000000000000000                   48264  0x3030303030306c00               x
000000000000000000000000                   48319  0x3030303030306c60               x
000000000000000000000000                   48374  0x3030303030306cc0               x
000000000000000000000000                   48477  0x3030303030306d20        
000000000000000000000000                   48532  0x3030303030306d80        
000000000000000000000000                   48587  0x3030303030306de0               x
000000000000000000000000                   48642  0x3030303030306e40               x
000000000000000000000000                   48697  0x3030303030306ea0        
000000000000000000000000                   48752  0x3030303030306f00               x
000000000000000000000000                   48807  0x3030303030306f60               x
000000000000000000000000                   48862  0x3030303030306fc0               x
000000000000000000000000                   48917  0x3030303030307020        
000000000000000000000000                   48972  0x3030303030307080               x
000000000000000000000000                   49027  0x30303030303070e0               x
000000000000000000000000                   49082  0x3030303030307140               x
000000000000000000000000                   49137  0x30303030303071a0               x
000000000000000000000000                   49192  0x3030303030307200        
000000000000000000000000                   49247  0x3030303030307260               x
000000000000000000000000                   49302  0x30303030303072c0               x
000000000000000000000000                   49357  0x3030303030307320               x
000000000000000000000000                   49412  0x3030303030307380        
000000000000000000000000                   49467  0x30303030303073e0               x
000000000000000000000000                   49522  0x3030303030307440               x
000000000000000000000000                   49577  0x30303030303074a0        
000000000000000000000000                   48629  0x3030303030307500               x
000000000000000000000000                   54940  0x3030303030307560        
000000000000000000000000                   54995  0x30303030303075c0               x
000000000000000000000000                   55050  0x3030303030307620               x
000000000000000000000000                   55105  0x3030303030307680        
000000000000000000000000                   55160  0x30303030303076e0               x
000000000000000000000000                   54205  0x3030303030307740               x
000000000000000000000000                   60518  0x30303030303077a0               x
000000000000000000000000                   60573  0x3030303030307800               x
000000000000000000000000                   59616  0x3030303030307b30               x
000000000000000000000000                   65931  0x3030303030307b90        
000000000000000000000000                   65986  0x3030303030307bf0               x
000000000000000000000000                   66041  0x3030303030307c50               x
000000000000000000000000                   66096  0x3030303030307cb0        
000000000000000000000000                   66151  0x3030303030307d10        
000000000000000000000000                   66206  0x3030303030307d70               x
000000000000000000000000                   66261  0x3030303030307dd0               x
000000000000000000000000                   66316  0x3030303030307e30        
000000000000000000000000                   66371  0x3030303030307e90        
000000000000000000000000                   66426  0x3030303030307ef0        
000000000000000000000000                   65453  0x3030303030307f50               x
000000000000000000000000                   65556  0x30303030303082e0               x
000000000000000000000000                   65611  0x3030303030308670        
000000000000000000000000                   64634  0x30303030303086d0               x
000000000000000000000000                   64737  0x3030303030308a60        
000000000000000000000000                   64792  0x3030303030308ac0               x
000000000000000000000000                   64847  0x3030303030308b20               x
000000000000000000000000                   63868  0x3030303030308b80               x
000000000000000000000000                   63971  0x3030303030308f10        
000000000000000000000000                   64026  0x3030303030308f70               x
000000000000000000000000                   64081  0x3030303030308fd0               x
000000000000000000000000                   64136  0x3030303030309030        
000000000000000000000000                   64191  0x3030303030309090               x
000000000000000000000000                   64294  0x30303030303090f0        
000000000000000000000000                   64335  0x3030303030309150        
000000000000000000000000                   64390  0x30303030303091b0               x
000000000000000000000000                   63403  0x3030303030309210               x
000000000000000000000000                   69602  0x3030303030309270        
000000000000000000000000                   69657  0x30303030303092d0               x
000000000000000000000000                   69712  0x3030303030309660        
000000000000000000000000                   69543  0x30303030303099f0        
000000000000000000000000                   68534  0x3030303030309a50               x
000000000000000000000000                   68637  0x303030303030a110        
000000000000000000000000                   74932  0x303030303030a4a0        
000000000000000000000000                   74987  0x303030303030a830               x
000000000000000000000000                   75042  0x303030303030a890               x
000000000000000000000000                   75097  0x303030303030a8f0        
000000000000000000000000                   75152  0x303030303030a950               x
000000000000000000000000                   75207  0x303030303030a9b0               x
000000000000000000000000                   75262  0x303030303030aa10               x
000000000000000000000000                   75317  0x303030303030aa70               x
000000000000000000000000                   75420  0x303030303030aad0        
000000000000000000000000                   75475  0x303030303030ab30        
000000000000000000000000                   75530  0x303030303030aec0               x
000000000000000000000000                   75585  0x303030303030af20               x
000000000000000000000000                   75640  0x303030303030af80        
000000000000000000000000                   74505  0x303030303030afe0               x
000000000000000000000000                   74608  0x303030303030b370        
000000000000000000000000                   74663  0x303030303030b3d0               x
000000000000000000000000                   74718  0x303030303030b430        
000000000000000000000000                   74773  0x303030303030b7c0               x
000000000000000000000000                   74828  0x303030303030b820               x
000000000000000000000000                   73801  0x303030303030b880               x
000000000000000000000000                   73904  0x303030303030bc10        
000000000000000000000000                   72838  0x303030303030bc70               x
000000000000000000000000                   72941  0x303030303030c000               x
000000000000000000000000                   72996  0x303030303030c060               x
000000000000000000000000                   73051  0x303030303030c0c0        
000000000000000000000000                   73106  0x303030303030c120               x
000000000000000000000000                   73161  0x303030303030c180               x
000000000000000000000000                   73264  0x303030303030c510        
000000000000000000000000                   73319  0x303030303030c570               x
000000000000000000000000                   73422  0x303030303030c5d0        
000000000000000000000000                   73477  0x303030303030c630               x
000000000000000000000000                   72367  0x303030303030c690               x
000000000000000000000000                   78679  0x303030303030c6f0        
000000000000000000000000                   78734  0x303030303030c750               x
000000000000000000000000                   78789  0x303030303030c7b0        
000000000000000000000000                   78844  0x303030303030c810               x
000000000000000000000000                   78947  0x303030303030c870        
000000000000000000000000                   79002  0x303030303030c8d0        
000000000000000000000000                   79057  0x303030303030c930        
000000000000000000000000                   79112  0x303030303030c990               x
000000000000000000000000                   79167  0x303030303030c9f0        
000000000000000000000000                   79222  0x303030303030ca50        
000000000000000000000000                   85429  0x303030303030cab0        
000000000000000000000000                   85484  0x303030303030cb10        
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2607496==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f678f132616 bp 0x7ffd3f0c0a50 sp 0x7ffd3f0c0178 T0)
==2607496==The signal is caused by a READ memory access.
==2607496==Hint: address points to the zero page.
    #0 0x7f678f132615 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164
    #1 0x7f678f0a9174 in printf_common ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:544
    #2 0x7f678f0a9dec in __interceptor_vprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1600
    #3 0x7f678f0a9ee6 in __interceptor_printf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1658
    #4 0x558078bc8dff in display_debug_lines_decoded dwarf.c:5413
    #5 0x558078bca061 in display_debug_lines dwarf.c:5655
    #6 0x558078b9f8c4 in dump_dwarf_section objdump.c:4396
    #7 0x558078cee15d in bfd_map_over_sections /home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/bfd/section.c:1366
    #8 0x558078b9faf3 in dump_dwarf objdump.c:4434
    #9 0x558078ba6110 in dump_bfd objdump.c:5636
    #10 0x558078ba64e5 in display_object_bfd objdump.c:5715
    #11 0x558078ba6816 in display_any_bfd objdump.c:5801
    #12 0x558078ba6890 in display_file objdump.c:5822
    #13 0x558078ba81b9 in main objdump.c:6230
    #14 0x7f678ee38082 in __libc_start_main ../csu/libc-start.c:308
    #15 0x558078b8c39d in _start (/home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/binutils/objdump+0x13b39d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164 in __sanitizer::internal_strlen(char const*)
==2607496==ABORTING
Comment 2 cvs-commit@gcc.gnu.org 2022-12-12 08:59:35 UTC 
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b1f1cefd5844cb0ce10df78c6e1a8ed2e98faa77

commit b1f1cefd5844cb0ce10df78c6e1a8ed2e98faa77
Author: Alan Modra <amodra@gmail.com>
Date:   Mon Dec 12 15:50:42 2022 +1030

    PR29872, uninitialised value in display_debug_lines_decoded dwarf.c:5413
    
    Plus segvs if the C-library doesn't handle printf %s of NULL.
    
            PR 29872
            * dwarf.c (null_name): New function.
            (process_debug_info): Use it here..
            (display_debug_lines_raw): ..and here..
            (display_debug_lines_decoded): ..and here.  xcalloc directory_table.
            Simplify xcalloc of file_table.
Comment 3 Alan Modra 2022-12-12 09:00:36 UTC 
Fixed for 2.40